aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlain Kermis <alain.kermis@sonarsource.com>2024-08-22 10:46:21 +0200
committersonartech <sonartech@sonarsource.com>2024-08-26 20:03:04 +0000
commitbd689765639141b8c1db9612ea7ad65c700fb4a1 (patch)
tree377de735029ea6708106ee6becaf00dc8af9e6fa
parentebb53dcd569645da63dc81f20be52ffa80e1f675 (diff)
downloadsonarqube-bd689765639141b8c1db9612ea7ad65c700fb4a1.tar.gz
sonarqube-bd689765639141b8c1db9612ea7ad65c700fb4a1.zip
SONAR-22787 Add FIPS environment information to support info file
-rw-r--r--server/sonar-telemetry-core/src/main/java/org/sonar/telemetry/core/common/DailyInstallationMetricProvider.java41
-rw-r--r--server/sonar-telemetry-core/src/main/java/org/sonar/telemetry/core/common/package-info.java23
-rw-r--r--server/sonar-webserver/src/main/java/org/sonar/server/platform/platformlevel/PlatformLevel4.java4
-rw-r--r--server/sonar-webserver/src/main/java/org/sonar/server/platform/telemetry/TelemetryFipsEnabledProvider.java43
-rw-r--r--server/sonar-webserver/src/main/java/org/sonar/server/platform/telemetry/TelemetryVersionProvider.java16
-rw-r--r--server/sonar-webserver/src/test/java/org/sonar/server/platform/telemetry/TelemetryFipsEnabledProviderTest.java66
-rw-r--r--sonar-core/build.gradle1
-rw-r--r--sonar-core/src/main/java/org/sonar/core/fips/FipsDetector.java43
-rw-r--r--sonar-core/src/main/java/org/sonar/core/fips/package-info.java23
-rw-r--r--sonar-core/src/test/java/org/sonar/core/fips/FipsDetectorTest.java61
10 files changed, 306 insertions, 15 deletions
diff --git a/server/sonar-telemetry-core/src/main/java/org/sonar/telemetry/core/common/DailyInstallationMetricProvider.java b/server/sonar-telemetry-core/src/main/java/org/sonar/telemetry/core/common/DailyInstallationMetricProvider.java
new file mode 100644
index 00000000000..79917f7166d
--- /dev/null
+++ b/server/sonar-telemetry-core/src/main/java/org/sonar/telemetry/core/common/DailyInstallationMetricProvider.java
@@ -0,0 +1,41 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2024 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.telemetry.core.common;
+
+import org.sonar.telemetry.core.Dimension;
+import org.sonar.telemetry.core.Granularity;
+import org.sonar.telemetry.core.TelemetryDataProvider;
+
+/**
+ * This class is used to provide daily installation metrics to the telemetry system.
+ */
+public abstract class DailyInstallationMetricProvider<T> implements TelemetryDataProvider<T> {
+
+ @Override
+ public Dimension getDimension() {
+ return Dimension.INSTALLATION;
+ }
+
+ @Override
+ public Granularity getGranularity() {
+ return Granularity.DAILY;
+ }
+
+}
diff --git a/server/sonar-telemetry-core/src/main/java/org/sonar/telemetry/core/common/package-info.java b/server/sonar-telemetry-core/src/main/java/org/sonar/telemetry/core/common/package-info.java
new file mode 100644
index 00000000000..f1c0831d131
--- /dev/null
+++ b/server/sonar-telemetry-core/src/main/java/org/sonar/telemetry/core/common/package-info.java
@@ -0,0 +1,23 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2024 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+@ParametersAreNonnullByDefault
+package org.sonar.telemetry.core.common;
+
+import javax.annotation.ParametersAreNonnullByDefault;
diff --git a/server/sonar-webserver/src/main/java/org/sonar/server/platform/platformlevel/PlatformLevel4.java b/server/sonar-webserver/src/main/java/org/sonar/server/platform/platformlevel/PlatformLevel4.java
index 8aef512ede0..2aa955e21e6 100644
--- a/server/sonar-webserver/src/main/java/org/sonar/server/platform/platformlevel/PlatformLevel4.java
+++ b/server/sonar-webserver/src/main/java/org/sonar/server/platform/platformlevel/PlatformLevel4.java
@@ -187,6 +187,7 @@ import org.sonar.server.platform.SystemInfoWriterModule;
import org.sonar.server.platform.WebCoreExtensionsInstaller;
import org.sonar.server.platform.db.CheckAnyonePermissionsAtStartup;
import org.sonar.server.platform.telemetry.ProjectCppAutoconfigTelemetryProvider;
+import org.sonar.server.platform.telemetry.TelemetryFipsEnabledProvider;
import org.sonar.server.platform.telemetry.TelemetryNclocProvider;
import org.sonar.server.platform.telemetry.TelemetryUserEnabledProvider;
import org.sonar.server.platform.telemetry.TelemetryVersionProvider;
@@ -663,11 +664,12 @@ public class PlatformLevel4 extends PlatformLevel {
RecoveryIndexer.class,
IndexersImpl.class,
- //new telemetry metrics
+ // new telemetry metrics
ProjectCppAutoconfigTelemetryProvider.class,
TelemetryVersionProvider.class,
TelemetryNclocProvider.class,
TelemetryUserEnabledProvider.class,
+ TelemetryFipsEnabledProvider.class,
// telemetry
TelemetryMetricsLoader.class,
diff --git a/server/sonar-webserver/src/main/java/org/sonar/server/platform/telemetry/TelemetryFipsEnabledProvider.java b/server/sonar-webserver/src/main/java/org/sonar/server/platform/telemetry/TelemetryFipsEnabledProvider.java
new file mode 100644
index 00000000000..ceb4fd3f04e
--- /dev/null
+++ b/server/sonar-webserver/src/main/java/org/sonar/server/platform/telemetry/TelemetryFipsEnabledProvider.java
@@ -0,0 +1,43 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2024 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.platform.telemetry;
+
+import java.util.Optional;
+import org.sonar.core.fips.FipsDetector;
+import org.sonar.telemetry.core.TelemetryDataType;
+import org.sonar.telemetry.core.common.DailyInstallationMetricProvider;
+
+public class TelemetryFipsEnabledProvider extends DailyInstallationMetricProvider<Boolean> {
+
+ @Override
+ public String getMetricKey() {
+ return "is_fips_enabled";
+ }
+
+ @Override
+ public TelemetryDataType getType() {
+ return TelemetryDataType.BOOLEAN;
+ }
+
+ @Override
+ public Optional<Boolean> getValue() {
+ return Optional.of(FipsDetector.isFipsEnabled());
+ }
+}
diff --git a/server/sonar-webserver/src/main/java/org/sonar/server/platform/telemetry/TelemetryVersionProvider.java b/server/sonar-webserver/src/main/java/org/sonar/server/platform/telemetry/TelemetryVersionProvider.java
index 101f694f99e..01041ce6f97 100644
--- a/server/sonar-webserver/src/main/java/org/sonar/server/platform/telemetry/TelemetryVersionProvider.java
+++ b/server/sonar-webserver/src/main/java/org/sonar/server/platform/telemetry/TelemetryVersionProvider.java
@@ -21,12 +21,10 @@ package org.sonar.server.platform.telemetry;
import java.util.Optional;
import org.sonar.api.platform.Server;
-import org.sonar.telemetry.core.Dimension;
-import org.sonar.telemetry.core.Granularity;
-import org.sonar.telemetry.core.TelemetryDataProvider;
import org.sonar.telemetry.core.TelemetryDataType;
+import org.sonar.telemetry.core.common.DailyInstallationMetricProvider;
-public class TelemetryVersionProvider implements TelemetryDataProvider<String> {
+public class TelemetryVersionProvider extends DailyInstallationMetricProvider<String> {
private final Server server;
@@ -40,16 +38,6 @@ public class TelemetryVersionProvider implements TelemetryDataProvider<String> {
}
@Override
- public Dimension getDimension() {
- return Dimension.INSTALLATION;
- }
-
- @Override
- public Granularity getGranularity() {
- return Granularity.DAILY;
- }
-
- @Override
public TelemetryDataType getType() {
return TelemetryDataType.STRING;
}
diff --git a/server/sonar-webserver/src/test/java/org/sonar/server/platform/telemetry/TelemetryFipsEnabledProviderTest.java b/server/sonar-webserver/src/test/java/org/sonar/server/platform/telemetry/TelemetryFipsEnabledProviderTest.java
new file mode 100644
index 00000000000..40174aafa13
--- /dev/null
+++ b/server/sonar-webserver/src/test/java/org/sonar/server/platform/telemetry/TelemetryFipsEnabledProviderTest.java
@@ -0,0 +1,66 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2024 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.platform.telemetry;
+
+import java.util.Optional;
+import org.junit.jupiter.api.Test;
+import org.sonar.core.fips.FipsDetector;
+import org.sonar.telemetry.core.Dimension;
+import org.sonar.telemetry.core.Granularity;
+import org.sonar.telemetry.core.TelemetryDataType;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assumptions.assumeFalse;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
+
+class TelemetryFipsEnabledProviderTest {
+
+ /**
+ * This test should only run when FIPS is enabled, i.e. when the FIPS provider is present in the list of providers.
+ */
+ @Test
+ void testGetters_whenFipsEnabled() {
+ assumeTrue(FipsDetector.isFipsEnabled());
+
+ assertValues(true);
+ }
+
+ /**
+ * This test should only run when FIPS is disabled, i.e. when the FIPS provider is not present in the list of providers.
+ */
+ @Test
+ void testGetters_whenFipsDisabled() {
+ assumeFalse(FipsDetector.isFipsEnabled());
+
+ assertValues(false);
+ }
+
+ private void assertValues(boolean expectedFipsEnabled) {
+ TelemetryFipsEnabledProvider telemetryVersionProvider = new TelemetryFipsEnabledProvider();
+ assertEquals("is_fips_enabled", telemetryVersionProvider.getMetricKey());
+ assertEquals(Dimension.INSTALLATION, telemetryVersionProvider.getDimension());
+ assertEquals(Granularity.DAILY, telemetryVersionProvider.getGranularity());
+ assertEquals(TelemetryDataType.BOOLEAN, telemetryVersionProvider.getType());
+ assertEquals(Optional.of(expectedFipsEnabled), telemetryVersionProvider.getValue());
+ assertThrows(IllegalStateException.class, telemetryVersionProvider::getUuidValues);
+ }
+
+}
diff --git a/sonar-core/build.gradle b/sonar-core/build.gradle
index 053c84335d0..3360cc80f3c 100644
--- a/sonar-core/build.gradle
+++ b/sonar-core/build.gradle
@@ -26,6 +26,7 @@ dependencies {
testImplementation 'junit:junit'
testImplementation 'org.assertj:assertj-core'
testImplementation 'org.junit.jupiter:junit-jupiter-api'
+ testImplementation 'org.junit.jupiter:junit-jupiter-params'
testImplementation 'org.hamcrest:hamcrest-core'
testImplementation 'org.mockito:mockito-core'
testImplementation 'org.simpleframework:simple'
diff --git a/sonar-core/src/main/java/org/sonar/core/fips/FipsDetector.java b/sonar-core/src/main/java/org/sonar/core/fips/FipsDetector.java
new file mode 100644
index 00000000000..d619fffa55d
--- /dev/null
+++ b/sonar-core/src/main/java/org/sonar/core/fips/FipsDetector.java
@@ -0,0 +1,43 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2024 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.core.fips;
+
+import java.security.Provider;
+import java.security.Security;
+import java.util.Locale;
+
+public class FipsDetector {
+
+ private FipsDetector() {
+ // Helper class
+ }
+
+ public static boolean isFipsEnabled() {
+ Provider[] providers = Security.getProviders();
+ for (Provider provider : providers) {
+ String nameLowerCase = provider.getName().toUpperCase(Locale.ENGLISH);
+ if (nameLowerCase.contains("FIPS")) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+}
diff --git a/sonar-core/src/main/java/org/sonar/core/fips/package-info.java b/sonar-core/src/main/java/org/sonar/core/fips/package-info.java
new file mode 100644
index 00000000000..1d1de452d39
--- /dev/null
+++ b/sonar-core/src/main/java/org/sonar/core/fips/package-info.java
@@ -0,0 +1,23 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2024 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+@ParametersAreNonnullByDefault
+package org.sonar.core.fips;
+
+import javax.annotation.ParametersAreNonnullByDefault;
diff --git a/sonar-core/src/test/java/org/sonar/core/fips/FipsDetectorTest.java b/sonar-core/src/test/java/org/sonar/core/fips/FipsDetectorTest.java
new file mode 100644
index 00000000000..e8f8a75d983
--- /dev/null
+++ b/sonar-core/src/test/java/org/sonar/core/fips/FipsDetectorTest.java
@@ -0,0 +1,61 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2024 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.core.fips;
+
+import java.security.Provider;
+import java.security.Security;
+import java.util.ArrayList;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.MethodSource;
+import org.mockito.MockedStatic;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.mockStatic;
+import static org.mockito.Mockito.when;
+
+class FipsDetectorTest {
+
+ @ParameterizedTest
+ @MethodSource("inputs")
+ void testGetters(String[] providerNames, boolean expected) {
+ ArrayList<Provider> providers = new ArrayList<>();
+ for (String providerName : providerNames) {
+ Provider provider = mock(Provider.class);
+ when(provider.getName()).thenReturn(providerName);
+ providers.add(provider);
+ }
+
+ try (MockedStatic<Security> mockedSecurity = mockStatic(Security.class)) {
+ mockedSecurity.when(Security::getProviders).thenReturn(providers.toArray(new Provider[0]));
+
+ boolean result = FipsDetector.isFipsEnabled();
+ assertThat(result).isEqualTo(expected);
+ }
+ }
+
+ private static Object[][] inputs() {
+ return new Object[][] {
+ { new String[]{"FIPS Provider", "SunJSSE", "SunJCE"}, true },
+ { new String[]{"Some Provider", "SunJSSE", "SunJCE"}, false }
+ };
+ }
+
+}